When calling ipa realmdomains-mod, the code first validates the domains that are provided as arguments. It is checking that a _kerberos TXT record exists for the domain, but this check is inadequate when the domain is an AD domain because Active Directory domains never have _kerberos TXT record associated.
(see comments from @abbra in PR 1597).
We should use a different method.
Metadata Update from @fbarreto:
- Issue priority set to: low
- Issue set to the milestone: FreeIPA 4.8
to comment on this ticket.